Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-3551


Vulnerability Score 5.0 5.0
CVE Id CVE-2005-3551
Last Modified 07 Mar 2011 09:26:45
Published 16 Nov 2005 02:42:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



toendaCMS before 0.6.2 stores user account and session data in the web root directory, which allows remote attackers to obtain sensitive information via a direct request to the appropriate XML file.

Vulnerable Systems


  • Toenda Software Development Toendacms 0.6.1


BUGTRAQ - 20051107 SEC Consult SA-20051107-0 :: toendaCMS multiple vulnerabilites

SECUNIA - 17471

VUPEN - ADV-2005-2343

Last Updated: 27 May 2016 10:40:58